The path from the creation of malicious program to its delivery onto victims’ computers is long nowadays and involves many different players with the same goal – to make a financial gain. Malware authors usually offer their software to cyber criminals who in turn distribute it via underground forums. This is the how they keep their […]
The path from the creation of malicious program to its delivery onto victims’ computers is long nowadays and involves many different players with the same goal – to make a financial gain. Malware authors usually offer their software to cyber criminals who in turn distribute it via underground forums. This is the how they keep their […]
Last week we promised to explain in detail how the “Blackbeard” Trojan infiltrates and hide itself in a victim’s system, especially on its 64-bit variant. Everything described in this blogpost happens just before Pigeon (clickbot payload) gets downloaded and executed. The most interesting aspects are the way it bypasses the Windows’ User Access Control (UAC) […]
At the turn of the year we started to observe a Trojan, not much discussed previously (with a brand new final payload). It has many interesting aspects: It possesses a complex structure containing both 32-bit and 64-bit code; it achieves its persistence with highly invasive methods; and it is robust enough to contain various payloads/functionalites. […]